
WPA aims to finish the job WEP started: what to know before it does.


The good news about WiFi is that it enables employees to work outside of the traditional office space, thus improving overall company productivity. The bad news is that the days of using the old excuse that you never received that critical company e-mail because you were "out of the office and in meetings all day" may soon come to an end.

Gartner analysts estimate that by 2005, 80% of all commercial notebooks sold will be wireless-enabled. They also predict that by 2005, 50% of Fortune 1000 companies will have extensively deployed wireless LAN technology based on the latest 802.11 standards. And, by 2010, the majority of Fortune 2000 companies will have deployed wireless LANs to support standard wired network technology LANs.

Does this mean that a Jetsons-inspired society with people regularly beaming information from their laptops to company servers from hotels, airport lounges, conference centers--Starbucks and McDonald's--is in our future? For many, the answer is yes. But not so fast. One major roadblock that needs to be overcome is the lack of security that arises from having all of this valuable information floating around in our airwaves for any hacker to take.

According to Dr. Ron Sperano, director of mobile market development at IBM's Personal Computing Division, adopting a wireless LAN is a wise decision. "Financial justification comes from two areas; cable versus no cable and increased productivity." He continued, "WLANs can be less expensive than wired LANs due to the high cost of cabling and maintenance; however this varies by location. The real justification for WLANs is due to the increased employee productivity. Employees can maintain high-speed connectivity anywhere on campus, at home and on the road."

But prior to implementing a wireless solution, companies need to ask themselves these three basic questions:

* Is there a need for mobility?

* Where is the financial justification?

* Can it be made secure?

Rundown of the Latest IEEE Standards

There is a thin cloud of confusion as to the numerous wireless standards that have been implemented by the IEEE. As of today, there are four--with 802.11b having the largest company install-base. In order of appearance and certification, they are as follows: 802.11b, 802.11a--and the latest and greatest, recently certified and more costly--802.11g. (802.11i, should be coming out, too, by the end of this year or the beginning of next.) What differentiates each of them is mainly their speed and frequency.

802.11b operates in the 2.4GHz range and has a maximum throughput of 11Mbps. The more advanced 802.11a standard operates at a 5GHz frequency and has a throughput of 54Mbps. The latest standard, g, has the high throughput of 54Mbps and operates, like the b standard, at 2.4GHz. As far as interoperability is concerned--and forgive me if this brings back bad memories of Statistics 101--b is compatible with g, g is compatible with b but only at b's throughput, and a--the most difficult one out of the bunch--is compatible with neither but is willing to cohabitate with either within the same device.

Documented Risks

Now that we know the technology that's out there, let's examine the risks involved in implementing it. In a recent survey by Jupiter Research, out of 500 companies polled, less than half had implemented security procedures for their wireless architecture. According to a whitepaper written by Internet Security Systems (ISS) entitled "Wireless LAN Security," apart from the widely known encryption attacks already made public about the 802.11b standard, the other risks fall into these six categories:

* Rogue access points

* Interception and unauthorized monitoring of wireless traffic

* Jamming

* Client-to-client attacks

* Brute force attacks against access point passwords

* Misconfigurations

Rogue Access Points

Insertion attacks happen when hackers use unauthorized devices to create new wireless networks without going through proper procedure. What may facilitate this process--and what many organizations may not be aware of--is that internal employees may have deployed their own wireless capabilities onto company networks. This lack of awareness could lead to the previously described attacks, with unauthorized clients gaining access to corporate resources through what are called "rogue" access points. To avoid hackers taking advantage of this, companies need to implement policies designed to secure the configuration of access points.

Interception and Monitoring of Wireless Traffic

As you can imagine, interception of wireless traffic is similar to the interception of wired traffic. Whereas a wired attacker needs to be where there is a functioning network connection to attack, the wireless attacker needs only to be within range of an access point (approximately 300 feet for 802.11b) to carry out his attack. Also keep in mind that implementing directional antennas can drastically extend either the transmission or reception range of WiFi products. Therefore, the 300-foot maximum range commonly attributed to 802.11b only applies to bare installations. Enhanced equipment will also enhance the chances of others picking up the signal. This is amplified by the fact that access points transmit their signals in circular patterns. All this to say that the 802.11b signal, by nature, extends beyond the physical boundaries of the work area it is intended to cover. This signal can therefore be intercepted outside of buildings, or even between floors of the same building.

Jamming

This is a term used to describe the stalled state of a network, when traffic cannot reach the clients or the access point because competing traffic has taken over a certain frequency. An intruder with the proper equipment and tools can easily flood the 2.4GHz frequency, corrupting the signal and stalling the network. In addition, cordless phones, baby monitors--and other devices that operate on the 2.4 GHz band--can also disrupt a network by using that same frequency.

Client-to-Client Attacks

The fact that two wireless clients can talk directly to one another, bypassing the access point as a whole, can jeopardize both parties' confidential files. WiFi LAN administrators therefore need to defend their clients not just against any external threats but also from each other.

Brute Force Attacks Against Access Point Passwords

Most access points use a password that is shared with all connecting wireless clients. Brute force dictionary attacks attempt to compromise this authentication procedure by methodically testing every possible password. Once that password is guessed, the intruder gains full access to the access point.

Misconfiguration

Many access points ship in an unsecured configuration for ease of use and rapid deployment. Unless administrators understand wireless security risks and properly configure each unit prior to deployment, these access points will remain a high risk for attack or misuse. A tip for administrators: Look out for the SSID. This is a configurable identification code that allows clients to communicate with an appropriate access point. With proper configuration, only clients with the correct SSID can communicate with that access point. Without it, the system as a whole is rendered completely vulnerable to potential attackers.

Implementing Security Practices: WPA vs. WEP

In reaction to the above-mentioned flaws in wireless LAN technology, the WiFi Alliance has taken it upon itself to try to beef-up wireless security. Over the past couple of years, it has been working diligently to bring to market a standards-based interoperable security specification to increase the level of data protection and access control.

The newest specification (which is still in the works) is being called Wi-Fi Protected Access (WPA). WPA has addressed the past flaws of Wired Equivalent Privacy (WEP), the original security mechanism for WLANs that has been in place since the adoption of the IEEE 802.11 standard in 1997. Throughout the years, WEP has been put to shame by a series of independent studies from various academic and commercial institutions that have shown that an intruder equipped with the proper tools and a moderate amount of technical know-how can gain unauthorized access to a WLAN, even with WEP enabled.

Concerned that this lack of security could strongly hinder the adoption of Wi-Fi devices, the Wi-Fi Alliance, in conjunction with the IEEE, has initiated an effort to bring a strongly improved, standards-based, interoperable Wi-Fi security solution to the market.

According to the WiFi Alliance, WPA is that solution. WPA is designed to secure all versions of 802.11 devices, including 802.11b, 802.11a, and 802.11g, multi-band and multi-mode. WPA is a subset of the IEEE's forthcoming 802.11i standard, which is expected to be unveiled during the first quarter of 2004.

Temporary Solutions

Until a more secure standard of security than WEP is on the market, Dr. Sperano offers a do-it-yourself approach to protecting your organization's wireless network with these helpful tips:

Don't broadcast your wireless radio: According to Sperano, the most important and easiest step to protecting yourself is to stop any access points from broadcasting their name. "Any wireless access point attached to a wired network essentially broadcasts an Ethernet connection and an on-ramp to the entire enterprise network," he said. "But by turning off this default feature, stations must know the SSID in order to connect to an access point. If the hacker does not know the name of the network, he cannot roam into it."

Sniff Out 'Rogue' WLANs: Rogue access points are a well-documented problem. Sperano says that because a simple access point can be installed for $150, employees are deploying unauthorized WLANs when IT departments are slow to adopt the new technology. "These rogue access points generally lack security," he explained. "By implementing software that sniffs out access points, such as IBM's Distributed Wireless Security Auditor, IT managers can manage this problem."

Lock down access points: Organizations should change the default service set identifiers (SSID), or the 'names of the access points.' A default SSID usually alerts hackers to vulnerable wireless LANs.

Use a Virtual Private Network: And finally, until WPA becomes the norm for wireless security, and with the authentication vulnerabilities from WEP, Virtual Private Networks may be the most efficient solution. By employing strong authentication and encryption mechanisms between access points and the network, you can secure the overall wireless environment.
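
The checks named in the tips above, applied to a site-survey export, as an added example (not from the article and not a model of IBM's Distributed Wireless Security Auditor). The CSV layout, the authorized inventory and the short default-SSID list are assumptions constructed for illustration.

```python
import csv
import io

# Constructed inventory of sanctioned access points (BSSID -> expected SSID).
AUTHORIZED = {
    "00:11:22:33:44:01": "corp-wlan",
    "00:11:22:33:44:02": "corp-wlan",
}

# Illustrative sample of factory-default SSIDs; extend for the hardware you own.
DEFAULT_SSIDS = {"linksys", "netgear", "default", "tsunami"}

# Constructed survey export; the column layout is an assumption of this example.
SAMPLE_SURVEY = """bssid,ssid,encryption,broadcast
00:11:22:33:44:01,corp-wlan,WPA,no
00:11:22:33:44:02,corp-wlan,WEP,yes
00:AA:BB:CC:DD:10,linksys,none,yes
00:AA:BB:CC:DD:11,corp-wlan,WPA,no
"""


def audit_survey(survey_csv, authorized=AUTHORIZED):
    """Return {bssid: [findings]} for every access point with a finding."""
    report = {}
    for row in csv.DictReader(io.StringIO(survey_csv)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        findings = []
        if bssid not in authorized:
            # Not in the inventory: a rogue AP, even if it reuses the corporate SSID.
            findings.append("rogue: BSSID not in authorized inventory")
        elif authorized[bssid] != ssid:
            findings.append("authorized AP advertising unexpected SSID")
        if ssid.lower() in DEFAULT_SSIDS:
            findings.append("default SSID in use")
        if row["encryption"].strip().lower() in ("none", "wep"):
            findings.append("no encryption or WEP only")
        if row["broadcast"].strip().lower() == "yes":
            findings.append("SSID broadcast enabled")
        if findings:
            report[bssid] = findings
    return report


if __name__ == "__main__":
    for bssid, findings in audit_survey(SAMPLE_SURVEY).items():
        print(bssid, "->", "; ".join(findings))
```

The last sample row shows why the inventory is keyed on BSSID: an unauthorized unit that copies the corporate SSID and settings is still reported as rogue.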

It seems that security remains the principal hurdle in WiFi's race towards market acceptance. Until security replaces productivity as the main motivator behind the technology, wireless LANs may never see the light of day. Some analysts are saying that much of the money being poured into public WLANs today to enable access from places as diverse as bars, hotels, airports, trains, bus and metro stations, is going to waste.

Analysts at Forrester Research have even gone so far as to call WLAN hotspots the next dot-com crash. "With all the hype today about the rollout of WLAN public hotspots, it's as if the dot-com boom and bust never happened," said Forrester senior analyst Lars Godell, in a statement issued last July. Let's just hope that WPA can wipe clean the sloppy slate that WEP has left on what could very well be the wonderful world of WiFi. What we need now is another boom--definitely not another bust.
COPYRIGHT 2003 West World Productions, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Title Annotation:Internet
Author:Raphael, Louis
Publication:Computer Technology Review
Date:Nov 1, 2003